Love

It's cool to see orgs like @ComaeIO making it easier to snapshot system memory to facilitate future investigations. This is a powerful idea that adds another landmine for intruders to try to avoid, while giving defenders potentially rich host-centric forensic data. HT @allenmalehttps://t.co/QqH4pbEX1D

I confirm that Comae has so much innovation in here. This is definitely a quick win solution for servers where we can not contractually apply updates such as ones in plants.Something between « run the AV » (which detect nothing) and a full month forensic investigation.